factory-packages-mirror

Clone
Source Code
GIT

Blame packages/n/nvme-cli/0100-harden_nvmf-connect@.service.patch

master
  1.   f155be6373602751b91d0a1b3c4f59f687e60cfb
  2.   packages
  3.   n
  4.   nvme-cli
  5.   0100-harden_nvmf-connect@.service.patch
Blob History Raw
Bernhard M. Wiedemann f155be 
---
Bernhard M. Wiedemann f155be 
 nvmf-autoconnect/systemd/nvmf-connect@.service |   11 +++++++++++
Bernhard M. Wiedemann f155be 
 1 file changed, 11 insertions(+)
Bernhard M. Wiedemann f155be
Bernhard M. Wiedemann f155be 
--- a/nvmf-autoconnect/systemd/nvmf-connect@.service
Bernhard M. Wiedemann f155be 
+++ b/nvmf-autoconnect/systemd/nvmf-connect@.service
4bc3f6 
@@ -9,6 +9,17 @@ PartOf=nvmf-connect.target
4bc3f6 
 Requires=nvmf-connect.target
4bc3f6
4bc3f6 
 [Service]
4bc3f6 
+# added automatically, for details please see
4bc3f6 
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
4bc3f6 
+ProtectSystem=full
4bc3f6 
+ProtectHome=true
4bc3f6 
+ProtectHostname=true
4bc3f6 
+ProtectKernelTunables=true
4bc3f6 
+ProtectKernelModules=true
4bc3f6 
+ProtectKernelLogs=true
4bc3f6 
+ProtectControlGroups=true
4bc3f6 
+RestrictRealtime=true
Bernhard M. Wiedemann f155be 
+# end of automatic additions
4bc3f6 
 Type=simple
4bc3f6 
 Environment="CONNECT_ARGS=%i"
Bernhard M. Wiedemann f155be 
 ExecStart=/bin/sh -c "nvme connect-all --quiet `/bin/echo -e '${CONNECT_ARGS}'`"
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.